class AuthD::Request
	# Migration involves users with a broken password hash algorithm.
	IPC::JSON.message MigrateUser, 249 do
		property login              : String
		property password_hash_brkn : String  # Old, broken algorithm. Will be changed on first authentication.
		property admin              : Bool                     = false
		property email              : String?                  = nil
		property profile            : Hash(String, JSON::Any)? = nil

		def initialize(@login, @password_hash_brkn, @admin = false, @email = nil, @profile = nil)
		end

		def to_s(io : IO)
			super io
			io << " (login: #{@login}, admin: #{@admin})"
		end

		def handle(authd : AuthD::Service, fd : Int32)
			logged_user = authd.get_logged_user_full? fd
			return Response::ErrorMustBeAuthenticated.new if logged_user.nil?

			logged_user.assert_permission("authd", "*", User::PermissionLevel::Admin)

			if authd.users_per_login.get? @login
				return Response::ErrorAlreadyUsedLogin.new
			end

			# No mail verification since there were no mail stored in dnsmanager v1.

			uid = authd.new_uid

			user = User.new uid, @login, "" # Current password is voluntarily not set.

			user.password_hash_brkn = @password_hash_brkn
			user.contact.email      = @email unless @email.nil?
			user.admin              = @admin

			@profile.try do |profile|
				user.profile = profile
			end

			# We consider adding the user as a registration.
			user.date_registration = Time.local

			authd.users << user
			authd.new_uid_commit uid
			Response::UserAdded.new user.to_public
		end
	end
	AuthD.requests << MigrateUser
end
